GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
66 advisories
Filter by severity
Argo Workflows Controller: Denial of Service via malicious daemon Workflows
Moderate
CVE-2024-47827
was published
for
github.com/argoproj/argo-workflows/v3
(Go)
Oct 28, 2024
Policy bypass for Host Firewall policy due to race condition in Cilium agent
Moderate
CVE-2024-42488
was published
for
github.com/cilium/cilium
(Go)
Aug 15, 2024
ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability
Moderate
GHSA-rvj4-q8q5-8grf
was published
for
github.com/traefik/traefik/v2
(Go)
Jun 20, 2024
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Moderate
CVE-2024-35255
was published
for
@azure/identity
(Go)
Jun 11, 2024
Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability
Moderate
CVE-2024-30046
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
May 14, 2024
WordOps has TOCTOU race condition
Moderate
CVE-2024-34528
was published
for
wordops
(pip)
May 6, 2024
vantage6 vulnerable to a username timing attack on recover password/MFA token
Moderate
CVE-2024-24770
was published
for
vantage6
(pip)
Mar 15, 2024
Apache Answer Race Condition vulnerability
Moderate
CVE-2024-26578
was published
for
github.com/apache/incubator-answer
(Go)
Feb 22, 2024
Deis Workflow Manager race condition vulnerability
Moderate
CVE-2016-15036
was published
for
github.com/deis/workflow-manager
(Go)
Dec 23, 2023
github.com/go-resty/resty/v2 HTTP request body disclosure
Moderate
CVE-2023-45286
was published
for
github.com/go-resty/resty/v2
(Go)
Nov 28, 2023
Harbor timing attack risk
Moderate
CVE-2023-20902
was published
for
github.com/goharbor/harbor
(Go)
Oct 10, 2023
`chainId` may be outdated if user changes chains as part of connection in @web3-react
Moderate
CVE-2023-30543
was published
for
@web3-react/coinbase-wallet
(npm)
Apr 18, 2023
Answer vulnerable to Race Condition
Moderate
CVE-2023-0739
was published
for
github.com/answerdev/answer
(Go)
Feb 8, 2023
efs-utils and aws-efs-csi-driver have race condition during concurrent TLS mounts
Moderate
CVE-2022-46174
was published
for
github.com/kubernetes-sigs/aws-efs-csi-driver
(Go)
Dec 30, 2022
Apache Airflow exposes arbitrary file content
Moderate
CVE-2022-38170
was published
for
apache-airflow
(pip)
Sep 3, 2022
ansible-runner vulnerable to Race Condition
Moderate
CVE-2021-3702
was published
for
ansible-runner
(pip)
Aug 24, 2022
undertow Race Condition vulnerability
Moderate
CVE-2021-3597
was published
for
io.undertow:undertow-core
(Maven)
May 25, 2022
MutexGuard::map can cause a data race in safe code
Moderate
CVE-2020-35905
was published
for
futures-util
(Rust)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability
Moderate
CVE-2019-8232
was published
for
magento/community-edition
(Composer)
May 24, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch
Moderate
CVE-2019-7614
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 24, 2022
Zope Object Database Denial of Service vulnerability
Moderate
CVE-2010-3495
was published
for
zodb3
(pip)
May 17, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security
Moderate
CVE-2011-2731
was published
for
org.springframework.security:spring-security-core
(Maven)
May 17, 2022
OpenStack Neutron Race Condition vulnerability
Moderate
CVE-2017-7543
was published
for
neutron
(pip)
May 13, 2022
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib
Moderate
CVE-2009-5010
was published
for
pyftpdlib
(pip)
May 2, 2022
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib
Moderate
CVE-2009-5011
was published
for
pyftpdlib
(pip)
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API